Chapter 8 | Databases

8.1 Database concepts

Data Terms

Data security - protecting data against loss
Data privacy - protects data from unauthorized access i.e. keeps data confidential
Data integrity - ensures data is correct, consistent, and accurate
Data redundancy - repeated data

Relational vs. File-Based Approach

Relational database - a database that consists of multiple linked tables

Advantages of relational databases:

Reduced data redundancy
- As data is stored in seperate linked tables with relationships
Improved data integrity
- As the database only stores the data once,
- So the associated data will be automatically updated
Complex queries can be written more easily
- To search and find specific data
- Also a DBMS supports query languages
Fields can be more easily added to or removed from tables
- Without affecting existing applications that do not use these fields
Program-data dependence is overcome
Data security is improved
- Each application only has access to the fields it needs
- Different users can be given different access rights
Data privacy is maintained as users can be given different views to the data
- So they don't see confidential data
Allows concurrent access (multiple users at once)
- Record locking assures data consistency

File-based database - all the data is stored on one table

Limitations of a file-based approach:

Decrease in data integrity
- As data is stored all in one table and so relevant data may need to
  be stored more than once e.g. an entrance log where names etc need
  to be stored more than once and may change over time.
- The File-based approach does not automatically update the data
Data redundancy potential
- As data is stored in one table
Harder to perform complex queries
Lack of data privacy
- Access to the table means users can access all the data
Lack of Validation
Sharing of data becomes more difficult
Slow for huge database

Database Key Terms

Term	Definition
Entity	A specific object or concept that is represented and stored in a database, and that can be identified by a unique set of attributes or properties Any object, person or thing about which it is possible to store data about
Table	Stores data about a particular subject, with rows and columns
Atomic	A field containing only one item of data in its simplest form
Record/tuple/row	All the information about an item/entity
Attribute/field/column	A characteristic or item of data about an entity
Primary key	An attribute/group of attributes used to uniquely identify a tuple/row
Composite key	A key made up of more than one field
Candidate key	An attribute that could be used as a primary key (uniquely identifies a tuple/row)
Secondary key	An attribute that is indexed for faster searching
Foreign key	Attribute(s) in a table that link to a primary key in another table to form a relationship
Index	A small secondary table used for rapid searching which contains one attribute from the table being searched and pointers to the rows in that table

Entity-Relationship Modelling

Entity-relationship diagrams are used to break down the relationships between the tables
in a database. Used in place of stepwise refinement.

The relationship is established through the use of foreign keys
There are three main relationship types:
- Many-to-many: if each table can have multiple connections
  to the other table. Each table can be related multiple times. e.g. student and subject. A student can
  have many subjects and a subject can have many students, therefore a many-to-many relationship.
- One-to-many (or many-to-one): a relationship between instances of an
  entity with more than one instance of another entity, e.g. car maker and car model. A car manufacturer
  can make many car models, but a car model can only have one car maker.
- One-to-one: e.g. a person and their passport. Only one person can have a specific passport.

Normalisation

First Normal Form (1NF):

No repeated groups of data
Attributes should be atomic
No duplicate rows

Second Normal Form (2NF):

No partial dependencies
- This means in tables where there is more than one key, each field cannot
  depend on one key but not the other.

Third Normal Form (3NF):

No non-key / transistive dependencies
- This means every field in that table has to depend wholly on the primary key
  and not on another key i.e. another field changing wouldn’t change its value
  BUT the primary key.

In order to normalise tables you must change all many-to-many relationships and turn them into one-to-many
relationships using an intermediary table.

To change into 1NF, you place all repeating data in a new table so that the intersection of each tuple and
attribute contains only 1 value. These tables will be linked through the foreign keys.
- For example, a student with ID 001 will only be listed once:
To change into 2NF you need to remove all partial dependencies. This can only be done with tables
that have more than one key.
To change into 3NF you need to remove any non-key dependencies fields may have.

A database is fully normalised if:

There are no repeating groups (1NF)
There are no partial dependencies (2NF)
There are no non-key dependencies/ no transitive dependencies (3NF)

8.2 Database Management Systems (DBMS)

Key DBMS Terms

Term	Definition
Referential integrity	Prevents the database from referencing data that does not exist (more information later)
Data management	Metadata on the database - only viewed by the DBA
Data modelling	A database model is a type of data model that determines the logical structure of a database and fundamentally determines in which manner data can be stored, organized and manipulated
Data dictionary	Stores all the information about the database and metadata about the data. Includes: Fields Table name Rows Data types Validation rules Primary keys and foreign keys Relationships

dbms terms table here **include DBMS and DBA definitions in table**

Entity integrity - ensures that the primary key in a table is unique and the value is not set to null
Referential integrity - Making sure tables do not try to reference data that does not exist.

This prevents the user from deleting or updating records if the data is already linked to other records.
If one table has a foreign key, it is not possible to add a record to that table unless there is a
corresponding record in the linked table with a corresponding primary key.
Cascading delete
- If a record is deleted in the primary table, all corresponding linked records in the foreign
  tables must also be deleted.
Cascading update
- If a record in the primary table is modified, all linked records in foreign tables will also
  be modified.
Linking to table
- Database X has a table Y which has a primary key of Z. If it is changed, previous data
  may not be linked to any actual data (it is orphaned data).

These are the main software tools that are provided by the DBMS:

Query processor

A software tool provided by the DBMS that allows a developer to extract data from a database.
Its functions include:
- Setting up search criteria
- Finding data that matches the criteria
- Organising results to be displayed to the user
- Creating SQL queries
- Performing calculations on extracted data
The DBMS also includes:
- a DDL interpreter
- a DML compiler
- a query evaluation engine

Developer interface

Gives access to software tools provided by a DBMS for creating tables
Enables the developer to create user-friendly forms and reports, and allows them to:
- Set up forms for the input of data
- Add objects to a form to make data input easier, e.g. drop-down boxes
- Design reports for the output of specific data e.g. student marks
- Add a menu to select options for different actions

The Schema

The four parts of a schema are:

External - The individual's view of the database
Conceptual - Describes the data as seen by the applications using the DBMS
Physcial/Internal - Describes how the data will be stored on the physical media
Logical - Describes how the relationships will be implemented in the structure of the database

A logical schema:

Is the overwiew of a database structure
Models the problem / situation, by using methods such as an ER diagram
Independent of any particular DBMS

Uses of the DBA & DBMS

Ways in which the Database Administrator (DBA) could use the DBMS software to ensure the security:

Issue usernames and passwords which stops unauthorized access to the data. To prevent any
further expansion, they should use strong passwords and/or passwords should be changed regularly.
Restrict access rights and privileges so that only certain users can read/edit certain parts of the data.
Create regular, scheduled backups in case of loss to the live data a copy is available.
Encrypt data, so in case of unauthorized access to the data it cannot be understood.
Define different views so the database is composed of multiple tables which controls the scope of
the data accessible to authorised users.
Monitor usage and activity by creating an activity log, which records operations performed by all
users and the use of the data in the database

Security features provided by the DBMS:

Encryption - Data is incomprehensible to unauthorized users
Password/biometrics - Prevents unauthorized access
Views - Restricts which parts of the database specific users can use
Access rights/user accounts - Restrict actions (e.g. read/read-write) of specific users, so
unauthorised users cannot access the database
Automatic backup - Create regular copies of data in case of loss

These are some non-physical methods used to improve the security of computer systems and databases:

Access rights/usernames and passwords

User has a username and password
Access to resources can be limited to specific accounts
Unauthorised users annot access the system without a valid username and password

Firewalls

All incoming and outgoing network traffic is monitored through the firewall
Prevents malicious software from getting in
Blocks signals that do not meet requirements
Keeps a log of signals
Applications can have network access restricted

Auditing

Activity log that logs all actions/changes to the system
Used to identify unauthorized use

Anti-malware

Scans for malicious software
Quarantines or deletes any malicious software found
Scans can be scheduled at regular intervals
Should be kept up to date

Application Security (or equivalent)

Applying regular updates / patches
Finding, fixing and preventing security vulnerabilities in any (installed) application

Physical methods are also often used. These include:

Locks
Physical back-ups e.g. on a separate disk
Security cameras

8.3 Data Definition Language (DDL) and Data Manipulation Language (DML)

SQL Data Types →

CHARACTER(n) = Fixed length of string type text
VARCHAR(n) = Any amount of characters up to the number of characters specified
BOOLEAN = A true or false value
INTEGER = Any whole number
REAL = Any number with decimal places
DATE = Date in format YYYY-MM-DD
TIME = Time in format HH:MM:SS

Data Definition Language (DDL) →

Allows you to create the database, its entities (i.e. tables) and alter them:

CREATE TABLE TABLENAME(
      <fieldname> <datatype> (X) NOT NULL,
      ...
      PRIMARY KEY(<primaryID>)
);

Example →

CREATE TABLE STUDENTS(
      <StudentID> <CHARACTER> (4) NOT NULL,
      <Name> <VARCHARACTER> (20) NOT NULL,
      <Age> <INTEGER> NOT NULL,
      <Grade> <INTEGER> NOT NULL,
      <FeePaid> <BOOLEAN> NOT NULL,
      PRIMARY KEY(<StudentID>)
);

Alter Table →

To change the data type of a column →

ALTER TABLE <tablename>
ALTER COLUMN <fieldname>DATATYPE;

Name of table
Attribute (field) name
New data-type of attribute

To add a new column to an existing table →

ALTER TABLE <tablename>
ADD <fieldname>DATATYPE;

Name of table
Attribute (field) name
Data-type of column

To remove a column →

ALTER TABLE <tablename>
DROP COLUMN <fieldname>DATATYPE;

Name of table
Attribute (field) name
Data-type of column

To add a primary key to a table →

ALTER TABLE <tablename>
ADD PRIMARY KEY (<fieldname>);

Name of table
Chosen primary key field

To remove a primary key from a table →

ALTER TABLE <tablename>
DROP PRIMARY KEY;

Name of table
This removes all primary keys from a table

To add a foreign key →

ALTER TABLE < other tablename>
ADD FOREIGN KEY<fieldname>DATATYPE;
REFERENCES<tablename>(<fieldname>);

Name of foreign key table
The chosen foreign key field from original table (the primary key of 1st table)
The original (primary key) table and the primary key

Example →

ALTER TABLE BOOKING
ADD FOREIGN KEY (MovieID)
REFERENCES MOVIE (MovieID);

Data Manipulation Language (DML) →

allows you to insert data into the database, edit it and perform queries.

INSERT INTO →

Used to add data into a table

INSERT INTO DISCOUNT (AgeBand, Discount)
VALUES ("F", 50);

Table name
Fields you want to insert data into
And their corresponding values

Deleting using DML →

DELETE FROM <tablename>

This will delete whole table

DELETE FROM <tablename>
WHERE <condition>

E.g. MovieID = 'MOV009'
This will delete a record

Updating a record →

UPDATE <tablename>
SET <field> = <value>
WHERE <condition>;

This will amend existing data into a table

SELECT...FROM...WHERE →

Queries are used to get information from the database. They have a SELECT, FROM, WHERE system.

SELECT <field1>, <field2>
FROM <tablename>
WHERE <condition>;

The table you want your query to search from
The category your searching for

Others may include the ORDER BY function which is used to sort the data in either ascending or descending order.

SELECT <field1>, <field2>
FROM <tablename>
WHERE <condition>;
ORDER BY <field> ASC/DESC

The table you want your query to search from
The category your searching for
Sorted in ascended/descended alphabetical order

Or other more specific searches using the wildcard characters or keywords:

Character	What it represents
%	Represents zero or more characters in a query E.g. LIKE “O%” would search for anything beginning with an O.
_	Represents a single character
#	Represents a single numeric character

Example →

SELECT MovieTitle
FROM MOVIE
WHERE MovieTitle LIKE "A%";

This query will search for all the Movie Titles beginning with the letter "A"
The LIKE keyword is used in a WHERE clause to search for a specified pattern in a column.

SELECT *
FROM <tablename>

An asterisk is used to display all the records from the <tablename> table.

The BETWEEN...AND operators can be used to select values within a specific range. The operators >= and <= can be used to achieve the same result.

WHERE Age BETWEEN 12 AND 24;
or WHERE Age >= 12 AND Age <= 24;

Used with the SELECT...FROM...WHERE operators

Null values can also be used when fields do not have a value (are null) →

SELECT *
FROM <tablename>
WHERE <field> is NULL;

Used to find fields where there is no value

The IN operator is used as multiple OR operators →

SELECT MovieTitle, MovieCategory
FROM MOVIE
WHERE MovieCategory IN ('Action', 'Adventure');

This searches for the Action OR Adventure titles. The IN operator is used as an OR operator.

INNER JOIN →

Joins are used to search for data between multiple tables.
For an INNER JOIN to work, there has to be something common between the tables.
When you perform an INNER JOIN the tables are merged together, which creates temporary redundancies. This allows for better extraction of data.

When joining two tables →

SELECT Table1.FieldName1, Table2.FieldName2
FROM Table1, Table2
WHERE Table 1.Common Field = Table 2.Common Field ;

The field names are joined to the table names.

Example →

SELECT Title, Rating
FROM MOVIE, MOVIESCHEDULE
WHERE MOVIE.MovieID = MOVIESCHEDULE.MovieID
AND MOVIESCHEDULE.ScreenNumber = 3;

When joining three tables →

SELECT Table1.FieldName1, Table2.FieldName2
FROM Table1, Table2, Table3
WHERE Table 1.Common Field = Table 2.Common Field
AND Table 2.Common Field = Table 3.Common Field;

Example →

SELECT BOOKING.CustomerName, MOVIE.MovieTitle, BOOKING.BookingDate
FROM BOOKING, MOVIE
WHERE MOVIE.MovieID = BOOKING.MovieID AND BOOKING.CustomerName = "Bob Smith";

This INNER JOIN query will search for all the bookings made by customer Bob Smith showing the movie title and booking date (with the data being retrieved from the BOOKING and MOVIE tables).

Aggregate Funtions →

Average: Finds the mean of all records

SELECT AVG(field1) AS <identifier>
FROM <tablename>

Sum: Finds the total of all records

SELECT SUM(field1) AS <identifier>
FROM <tablename>

Count: Finds the total of all records

SELECT COUNT(field1) AS <identifier>
FROM <tablename>

Group By →

SELECT CustomerName
FROM BOOKING
WHERE CustomerName LIKE '?o*'
GROUP BY CustomerName
ORDER BY CustomerName ASC;

Group by is used to combine similar data together.
Group by is usually used with aggregate/group functions to present the result as a single value.

Query Summary →

In SQL, a typical query would have this following order (sequence):

SELECT ...
FROM ...
WHERE ...
GROUP BY ...
ORDER BY ...